package com.sansui.blog.config;

import com.sansui.blog.dao.UserDao;
import com.sansui.blog.pojo.User;
import com.sansui.blog.utils.Md5;
import com.sansui.blog.utils.encryption.MD5Util;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * @name: CredentialMatcher
 * @author: Sansui
 * @Software: IDEA
 * @Blog: https://www.cnblogs.com/sansui6/
 * @date: 2022-07-31 19:13
 *
 * shiro登录校验
 **/
public class CredentialMatcher extends SimpleCredentialsMatcher {

    @Autowired
    private UserDao userDao;

    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
        //从浏览器中获取的密码
        String password = new String(usernamePasswordToken.getPassword());
        String username = new String(usernamePasswordToken.getUsername());
        String uuid = userDao.getUserUuid(username);
        //根据username查出密码，最后进行判断
        String dbPassword = (String) info.getCredentials();
        return this.equals(MD5Util.string2MD5(password+uuid), dbPassword);
    }

}
